/**
 * 2009-10-23 下午02:11:07 
 * esignature
 * com.smc.security
 * SecurityContextHolder
 */
package com.smc.security;

import javax.servlet.http.HttpSession;

/**
 * @author chenheng
 * @version 0.0.1
 * 用户私密信息持有器
 */
public abstract class SecurityContextHolder {
	/**
	 * 用户的认证授权信息
	 */
	private static Authentication authentication ;
	/**
	 * 这里目前从session中取得认证授权信息
	 * @param session	用户会话session
	 * @return
	 */
	public static Authentication getAuthentication(HttpSession session) {
		authentication = (Authentication) session.getAttribute("authToken");
		return authentication;
	}
	/**
	 * 将用户的认证授权信息存入session
	 * @param authentication
	 * @param session
	 */
	public static void setAuthentication(Authentication authentication,HttpSession session) {
		SecurityContextHolder.authentication = authentication;
		session.setAttribute("authToken", authentication);
		
	}
	/**
	 * 从session中移出用户认证授权信息
	 * @param session
	 */
	public static void removeAuthentication(HttpSession session) {
		authentication = null ;
		session.removeAttribute("authToken");
	}

}